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1. INTRODUCTION 

Mobile devices are very popular today and play a critical role in the everyday lives of most 
humans [1]. The majority of these devices are so useful because they contain android applications [2]-[5]. In 
most cases, these applications require sensitive personal information such as name, address, and date of birth. 
Security vulnerabilities in these applications can be catastrophic to the users. To combat these vulnerabilities, 
we must perform a thorough analysis and make or utilize a model to foresee these vulnerabilities. In this 
literature review, we will explore a few security measures that have been used to do just that. The first 
measure or model that we decided to conduct more research on was risk calculations, which should be used 
to determine how secure an application is. The second measure we decided to explore was access control, for 
this metric we decided to dive deep into things such as permission-based access and healthcare applications 
where user privacy is even more critical. The last measure we chose to review is predictive analysis, we knew 
that there has been a huge increase in the popularity of machine learning and artificial intelligence. We came 
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to know that this could be very beneficial to finding security vulnerabilities and allowing us to enjoy our apps 
without fear of cyberattacks. 

There have been many studies focused on security metrics for Android Mobile applications as a 
result of the recent increase of research interest in the area of Android smartphone security. 
Gonzalez et al. [6] investigated string offset order, a new easy-to-extract function. They were able to 
recognize the symptoms of reverse-designed Android applications using their tool, which did not require any 
further research. They used datasets from the Android Malware Genome Project, Droid Analytics, and 
Drebin to test the String Order metric's capabilities. In addition, over 5,000 Android applications were 
retrieved from the Google Play Store, and over 80,000 samples from the Virus Total service were analysed 
on a wide scale. In a comprehensive review of some repackaging exploration techniques. Offline and web 
technologies are the two basic forms of technology. They each have their feature. A technology that is used 
offline cannot be replaced by a tool that is used online and vice versa. Offline technologies are for the 
smartphone store owner's direct use, while online technologies are for Android users' direct use. We 
investigate a variety of online and online-related technology. These technologies describe a subset of 
technologies that use various features and metrics to discover application similarities [7]-[10]. 

The research conducted by Ordofiez-Ordofiez et al. [11] examines the reliability of mobile banking 
applications from both the inside and out. The authors used blog mining as a research method to comb 
through blog posts about mobile banking app protection. Security threats, assurance protocols/best practices, 
and potential security patterns are outlined to assist banks and customers in reducing the security risks 
involved with a range of financial applications. A study presented by Zheng et al. [12] looked at numerous 
security vulnerabilities in Android portable applications, especially for sensitive applications, and 
concentrated on analysing popular security attacks on cell phone applications. Preliminary studies to 
determine the feasibility and complexity of applying security attacks to the vital mobile mission application, 
finding current solutions and research holes, and recommending research directions Using numerous hacking 
methods and tactics, we successfully conducted three repackaging attacks to obtain access to victim files. We 
evaluate the extent of risk and recommend technological mitigation by evaluating these scenarios. The 
research carried out by Khokhlov and Reznik [13] describes information protection and quality assessment 
approach based on a probabilistic assessment of disruptive behaviours that exploit Android operating system 
features and bugs in the same way that installed apps can. It depicts the Android OS engineering functionality 
associated with protection and major security tools. The paper demonstrates the measurements chosen for 
information security assessment and the approach developed to combine them, resulting in an overall security 
evaluation score that addresses sensor-based information dependability. The count of instances of the total 
security assessment ranking is added and dissected. 

The remainder of this paper is organized as follows. Section 2 elaborates the risk value calculation 
of applications in the marketplace. The discussion encompasses elucidating the vulnerabilities of the major 
changes to the Android permission system and describing the levels of threat based on the given score. In 
section 3, the access control security in Android applications has been presented and examined. A description 
of the mobile app development affected by access control vulnerabilities has been given. Furthermore, 
various access control metrics that are used to assess the risk of access control functionality in mobile 
applications are elaborated. Several frameworks that could be utilised to moderate data access for mobile 
application development are also explained. The predictive analysis to combat security vulnerabilities is 
demonstrated in section 4. The discussion includes describing the security mechanisms that have evolved 
with millions of applications in the past, as well as innovative technologies that could offer more 
sophisticated security. The conclusion is depicted in the final section, section 5. 


2. RISK VALUE CALCULATION OF APPLICATIONS IN THE MARKETPLACE 

Smartphone applications are an essential part of our daily life. From social media to banking to 
access medical reports, we are using mobile applications for ease of access [14]-[17]. More than 80% of 
smartphones run on the Android operating system [18]. Such dominance in the market also makes Android 
an exclusive target for mobile threats. Security mechanisms are needed for such applications considering the 
sensitivity of the data. When we want to install any app from the Android Playstore, it does ask permission to 
access personal data, location, camera etc. Some malicious applications take advantage of these permissions, 
as most of the users tend to accept the clause without thinking about the impacts due to the complex language 
in the clause or the lack of time or understanding. Once these malicious applications gain access to the 
personal data, they can access our location, photos, camera, internet, or anything they can use for the attack 
[19]-[24]. Due to the massive collection of applications on the play store, it is difficult to recognize which 
applications are genuine and which are not. Since Android allows third-party developers applications to be 
released in the play-store security cannot be guaranteed from those applications as well. Also, some 
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unofficial markets do not have any centralized control so untrusted developers can distribute malicious 
applications. 

Playstore itself cannot track all the applications yet for its maliciousness and common users do not 
have the understanding to identify which applications can misuse their data. There should be a mechanism in 
the AppStore, that can indicate the severity of the risk posed by the applications if we accept the permission 
clause [25]-[30]. There needs to be some scoring system that can define how safe is the app to install without 
compromising personal data. Figure 1 shows the timeline of the Android evolution with vulnerabilities and 
version updates. On many occasions, attackers were able to gain root privileges to take over the control of the 
device. 

Android applications put their users at risk in a variety of ways, such as by using code that may 
jeopardize user privacy or device integrity [31], [32]. The majority of existing security countermeasures for 
identifying unsafe applications have flaws, most of which are linked to devices comprehension and 
acceptance. As a result, consumers will benefit from a clear but successful method of determining if an 
application is secure. Android applications pose many risks to their users, e.g., by including code that may 
threaten user privacy or system integrity [31], [32]. Most of the current security countermeasures for 
detecting dangerous apps show some weaknesses, mainly related to users’ understanding and acceptance. As 
a result, consumers will benefit from an easy but reliable method for determining if an application is safe to 
install or not. 
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Figure 1. Vulnerabilities and timeline of major changes to the android permission system [33] 


Multi-criteria software evaluator of confidence for AndrOID (MAETROID) is one of the proposed 
frameworks for evaluating the trustworthiness of Android applications as depicted in Figure 2 [32]. It evaluates 
the authenticity of the app before installation using analytical hierarchy process (AHP) [34]. This evaluation is 
labelled to the app to rank the risk metric. The goal of this framework is to assign labels to the applications from 
Trusted, Medium or high risk by computing and comparing alternatives and criteria. It calculates the threat 
score using a weighted and normalized total of single threat scores obtained by manually reviewing all of 
Android's permissions. The MAETROID platform has been turned into an Android application [32]. When a 
new app is getting installed, MAETROID intercepts the information and does the analysis and shows the threat 
score to the user. Table 1 outlines the details of the threat levels and their meaning. The threat score is used to 
determine privacy threat, financial threat, system threat, and global threat. 
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Table 1. Threat levels [19] 
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Figure 2. MAETROID classification process [19] 


Referenced articles mention different solutions proposed to increase security measures while 
installing any Android app. Several proposals suggest that a scoring system will help ensure common users 
are aware of these impacts before they can install the app and it will help them to decide to accept the risk or 
not. Some suggested calculating security risk scores based on permissions demanded by Android applications 
using crawl models and statistical measurements [35]. 

For an android device, the risk value calculation process is used to measure risk values. Optimal risk 
value is evaluated based on a set of selected malware and normal applications. Application is processed to 
extract data and then the risk is estimated using the risk parameters and then the final risk value is calculated. 
Extraction of data gets the permissions, API calls, resources, intentions. High rated malicious applications are 
used for sampling the risk associated. This way risk value is calculated, and the potential of the malicious 
application can be determined. When a user wants to install the application, risk value calculation (RVC) 
extracts features from the APK file and they are matched with the database stored with high-risk features and 
then it can accurately estimate the risk the applications possess as shown in Figure 3 [18]. 

Figure 4 shows the RVC findings as well as the associated risk steps [18]. The percentage of 
malicious applications is used to pick and identify each sorted list. The alarming rate and identification rate 
are the terms used to describe these two acts. Since there is no absolute alert rate threshold value for our 
assessment process, and it is also independent of the risk value collection, we must make a rational 
distinction between them at that stage. Similar to RVC, one more scoring system free update mean (FUM) 
scoring is available to use [2]. Figure 5 illustrates the list of vulnerabilities discovered and patched over time 
as reported in [2]. 

The FUM Security matrices are used to rate system vendors and network operators based on their 
ability to provide upgrades and their vulnerability to critical vulnerabilities. a difficult-to-game composite 
FUM ranking ($5.7). By reducing knowledge asymmetry, the FUM [1] score allows private and public sector 
consumers, as well as individuals, to make more educated buying decisions. These metrics free, upgrade and 
mean (F, U, M) together calculate a platform's protection in terms of known vulnerabilities and upgrades by 
calculating the proportion of operating devices free of critical vulnerabilities, the proportion of devices 
receiving the most recent Android version updates, and the mean amount of vulnerabilities yet to be patched. 
The FUM score is a ten-point scale that can be measured [1]. We give F more weight because it is the most 
important metric. We map M into the range (0-1) since it is an unbounded positive real number. As a result, 
we have the FUM score: 


2 
1+eM 


FUMgcore = 4F + 3U +3 


(1) 


The FUM security metric evaluates, and rates system vendors and network operators based on their 
ability to provide upgrades and their vulnerability to crucial vulnerabilities. Buyers and regulators will use 


An investigation study for risk calculation of security vulnerabilities on ... (Radhwan M. Abdullah) 


1740 O ISSN: 2502-4752 


the measure to see which system vendors and network providers have upgrades and which do not. 
Considering MAETROID is already implemented with the Android marketplace, and it is easier for the user 
to understand the threat score before installing the app, it is the preferred framework to use for preventing 
malicious applications. 
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Figure 3. RVC risk estimate model [18] 
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Figure 5. Vulnerabilities discovered and patched over time [2] 


Indonesian J Elec Eng & Comp Sci, Vol. 25, No. 3, March 2022: 1736-1748 


Indonesian J Elec Eng & Comp Sci ISSN: 2502-4752 O 1741 


3. METHOD 

A growing area of concern for developers and users, regarding data security in mobile applications, 
is proper access control. Applications that do not take consideration in implementing an access control model 
can be taken advantage of to access private user data. This is an area of research that is still looking into 
developing frameworks and models to use as a metric to incorporate access control for mobile applications. 
The following subsections present and discuss the access control security in Android applications. 


3.1. Mobile application development affected by access control vulnerabilities 

A cornerstone to access control in Android applications is permission-based access. Although most 
applications redirect permissions to the OS, some applications require select permissions which grant them 
access to additional users’ information. This has the possibility of being exploited by having applications 
communicate therefore expanding permissions and allowing user data to be more easily accessible. The 
challenges to current permission-based access have mostly to do with user and developer permission 
comprehension [36]. If the stakeholders of a mobile app do not comprehend when permission access to 
resources on a mobile device is suitable, then it can be an opening for malicious behaviour. The 
vulnerabilities of access control may not be acknowledged by most users of popular applications [37]-[40], 
however, this can impede development in mobile applications that require the security of confidential 
information such as medical records. Having a metric for access control security could help developers have 
a better understanding of appropriate permissions while minimizing the risk of possible malicious behaviour. 


3.2. Metrics for access control security 

Access control security is essential in some industries such as the medical field due to the 
importance of private medical info rmation. For mobile applications to be used in sharing critical information 
it is important to have a model or framework to assess data security risks. Although there are a few standards 
in place to help secure private information, there is ongoing research on creating a set of metrics to best 
assess the risk of access control functionality in mobile applications. Below are three recently proposed 
access control metrics and frameworks that developers can use to moderate data access, some of which are 
inspired by securing private medical information. Socio-technical risk-adaptable access control 
(SoTRAACE). Model of risk assessment: health care professionals rely heavily on role-based access control. 
Due to access control vulnerabilities in mobile Android applications, it can be a great security risk if roles 
could obtain permission to unauthorized medical information. To reduce security risk a new hybrid risk 
assessment to the access control model called SOoTRAACE has been proposed. 

The risk assessment metric is calculated using risk ranking with a respective risk factor, and the 
weight of the risk which was determined by experts in a New Delphi study [19]. The prototype app that is 
used to implement SoTRAACE handles risk-adaptable decisions by utilizing the user’s location and 
connections [19]. This permission-based access control can be largely customizable based on quantitative and 
qualitative data provided by its users. However, there is little available research to compare the hybrid-risk 
assessment procedures of this model to others. Also, the risk factors used to calculate risk assessment are 
small and could include more context to the data being assessed. OWASP Top 10 Mobile Risks: Another 
healthcare inspired access control framework for developers is open web access security project (OWASP) 
Top 10 Mobile Risks. The framework consists of 10 metrics that allows a technical auditor to identify the 
security vulnerabilities of their application as demonstrated in Figure 6 [41]. The metrics were used to 
evaluate WebMD Allergy and Track My Medical Records mobile applications. Using the OWASP Top 10 
Mobile Risks checklist a security risk of Track My Medical Records was discovered [26]. Although the risk 
checklist proved that track my medical records had a security vulnerability, the effectiveness of the 
framework needs to be tested on additional samples. 

HybridGuard permission and policy framework: There has been a rise in web-based mobile 
applications that have proven to be a security risk factor for data access. Since most web-based mobile 
applications rely on JavaScript it can be hard to deduce where the requested data access is coming from and 
if exposed APIs are being taken advantage of. HybridGuard is a framework that uses principle-based, stateful 
policies, to provide access control to web-based mobile applications without modifying hybrid frameworks or 
mobile applications [19]. When an API invocation is received it will be tested by the stateful policies within a 
policy manager acting as a monitor. If the API invocation is permitted, then access will be granted as 
elucidated in Figure 7 [42]. The HybridGuard framework can be useful for developers in the creation of 
access control policies and metrics to assess security by recording instances of unauthorized access, what 
data was trying to be accessed, and data exposure by authorized API invocations. Although HybridGuard has 
been tested only on 6 mobile applications more testing needs to be done with promises of HybridGuard 
allowing users to download the framework as an app and set their policies. 
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Figure 6. OWASP top 10 mobile risks [41] 
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Figure 7. The architecture of the HybridGuard framework [42] 


4. RESULTS AND DISCUSSION 

As mentioned before security vulnerabilities in Android applications can affect the user of the 
application or the device itself. As engineers, it is a necessity to consider various measures to ensure the 
security of your app. We will always start with the measures that have worked in the past for millions of 
applications, but we must also consider new solutions that could provide more advanced security. We chose 
to take a deep dive into how engineers have one would assume that if a threat can be detected long before it 
reaches the application that it would be highly effective, predictive analysis and machine learning techniques 
explore this assumption deeply. The first report we looked at addressed the following: During the study, 
about 200 open-source applications that were available on the Android app store were considered. This 
experiment necessitated the use of an application's source code. FBReader was the application of choice (free 
e-book reader). The application had about 39K lines of code and had received over 3700 updates in the code 
shop. Classes that were discovered in the vault and had a position with outside libraries were ignored. The 
application has been downloaded more than a million once and has received positive feedback. For more 
information, see Figure 1. We downloaded several copies of the source code from the FBReader source code 
databases. Table 2 describes the FBReader versions for source code analysis as reported in [43]. We found 
vulnerabilities for each edition by utilizing fortify's source code analyzer (SCA), a robotized static code 
review platform that tests program source code then produces a report containing all of the vulnerabilities 
discovered, along with areas and portrayals [44]. For each iteration, we have calculated a comprehensive 
collection of object-oriented code metrics. The JHawk 5 tool was used [45], which gathers about 40 separate 
measurements for each level. Finally, we created a categorization model using support vector machines 
(SVM) that uses code measurements to predict when a Java class is vulnerable (result). 


Table 2. FBReader versions for source code analysis [43] 


Metrics Description 
0.75 OCT 2010 

0.99.0 JAN 2011 
1.0.0 APR 2011 
1.1.0 JUN 2011 
1.20 OCT 2011 
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Since 2008, the number of Android flaws has risen. As a result, it is reasonable to assume that the 
Android ecosystem's security status is deteriorating year after year. One potential explanation is that, as the 
mobile Internet evolves, the number of software available for consumption grows, but the majority of 
developers are inexperienced [41]. Static analysis tools are used to figure out the number of vulnerabilities an 
application might have for numerous reasons. The first reason is that thousands of applications are added to 
the google play store with only a small number of vulnerabilities reports. Furthermore, the vulnerabilities that 
are reported are not complete and lack the historical data related to the vulnerabilities that are needed to build 
the predicting model. The second most important reason is that the static analysis tool can calculate the 
vulnerabilities repeatedly. The static analysis tool provides the ability to get plenty of vulnerabilities for 
thorough analysis. However, some of the source code analyser (SCA) vulnerabilities are false positives that 
we further discuss in the following sections. 

The fortify source analyser was used as a static analysis tool to scan Android mobile applications. 
This tool reports the location of the vulnerabilities along with the criticality and the category of 
vulnerabilities. the vulnerabilities are computed using the following: for every java class if the variable is 
equal to zero its mean there were no vulnerabilities reported for this java class. On the other side, if the value 
is equal to one it means that vulnerabilities are reported for this java class. Table 3 represents the results of 
the predicted vulnerable components of classes. The results have been characterized into the following five 
sections: type of prediction features used, the foundation of the vulnerability data, the kind of prediction 
technique, the applications used for the validation, and the available performance meters [19], [42]. For the 
training data collection, we use the 0.7.6 variant of the FBReader and the SVM vector machine to construct 
the model for predicting the vulnerable classes and components. The radical base function (RBF) is utilized 
to build the classifier. We set the parameters for the RBF function such as COST 100.0 and the value of 
gamma is 0.001. The total number of the components or java class is 215 for the training from which 59 is 
labelled as vulnerable. 

We use five parts of cross-validation to evaluate the performance of the training data. Figure 8 
represents the accuracy of each part. The performance of the model is evaluated by using three metrics which 
are accuracy, precision, and recall. 

- Accuracy: is the percentage of accurate outcomes, such as true positive (TP), the weakest (vulnerable) 
class that is correctly classified as weak) and true negative (TN), the strongest (vulnerable) class that is 
correctly classified as strong) (TN, the non-weak class that is correctly classified as negative). 

- Precision: refers to the probability of a vulnerable component being identified as such. It is determined 
using the formula TP/ (TP+FP). 

- Recall: refers to the probability that a part identified as vulnerable is not vulnerable. It's estimated using 
the formula TP/ (TP+ FN). 

Figure 9 represents the distribution of the vulnerabilities for the components or classes of version 
0.7.6 it displays as a density function. After 20 vulnerabilities the function of density reaches the x-axis. For 
the remaining 4 versions, the vulnerabilities are distributed as the same with a slight difference of collisions. 
Moreover, Figure 10 illustrates the vulnerability evolution over time that have been reported by Krutz in his 
work in [46]. From the figure, it is clear that the severity 3 class has the smallest number of vulnerabilities on 
the considered versions with up to 50 vulnerabilities. However, the figure also denotes that the class of 
severity 2 has the highest number of vulnerabilities with almost 370 vulnerabilities. 

The version of FB Reader is analyzed and the evolution is represented in Figure 11. We notice that 
the number of 3.0 criticality vulnerabilities remains consistent across versions. As a consequence, changing 
the number of vulnerabilities to 2.0 vulnerabilities changes the criticality. Once the results and the view are 
provided it is possible to achieve high accuracy and precision to construct the prediction and classification 
model. The black plane line in Figure 11 represents model accuracy, whereas the black dotted line represents 
the classifier's accuracy of any java class listed as not vulnerable. Many other classes are also predicated as 
non-vulnerable. The dotted line that shows accuracy is taken as a baseline to relate the performance of the 
prediction model. 

The model we created is somewhere in the range of 6.0% and 8.4% more precise than the gauge. 
Note, the separation between the two lines recoils for some time. Our method has a high level of precision, 
with a success rate of more than 80%. The accuracy of the prediction model for each of the four variants 
tested is also seen in Figure 8. Precision varies between 75.9% and 81.5%. This means that when a Java class 
is flagged as vulnerable by the model, it is extremely accurate. However, as seen in the figure, the recall 
estimate is poor. Recall rates range from 37.9% to 42.3%. As a consequence, the model is unreliable when it 
predicts that a Java class also isn't vulnerable. In conclusion, the model can then be used to coordinate the 
audit of Java classes or modules that pose a high risk of vulnerabilities. In any case, the overall list of 
extremely vulnerable classes could be greater than expected or projected. 
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Table 3. Vulnerabilities prediction models proposed by Stevenson [47] 


Title of Studies Predictors used Vulnerability sources Frediciton Applications Performace 
technique 
Evaluting complextiy, Software MFSA, Red Hat Logistic Firefox, Red Firefox---3% recall: 79- 
code churn, and metrics, code Bugzilla, Red Hat regression Hat Linux 86, fall-out: 2225%; Red 
developer activity churn, pacakge management kernel Hat Linux Kernel — 
metrics as indicators of developer system (RPM) precision: 5%, recall 80- 
software activity metrics 90%, fall-out 22-25 
Predicting vulnerable Imports, MFSA SVM Mozilla Precision: 70%, recall: 
software components function calls 45% 
Can traditional fault Software MFSA Logistic Firefox Precision: 12%, recall: 
prediciton models be metrics, code regression 83% 
used for vulnerability churn, 
prediciton developer 
activity metrics 
Is complexity really the Code MFSA/CVE/Bugzilla Logistic Firefox Recall: 3-93%, accuracy 
enemy of the software complexity regression JSengine 43-98% fall-out: 0 — 58% 
security/ An emperical metrics 
model to predict security 
vulnerabilities using 
code complexity metrics 
complexity MFSA/Bugzilla Naive bayes, Firefox C4.5 decsion tree- mean 
Using complexity coupling, and C4.5 Decision precision: 72%, mean 
coupling, and cohesion cohesion Tree, Random recall: 74%, mean 
metrics as early metrics Forest, Logistic accuracy: 73%, mean fall- 
indicators for regression out: 29% 
vulnerabilities 
code churn, NVD Logistics Windows Median precision 60-67%; 
Searching foraneedlein code regression/SVM _ vista median recall 20-40% 
a haystack: Predicting complexity, 
security vulnerabilities dependency 
for windows vista measures, code 
coverage, 
organizational 
metrics, actual 
dependencies 
Toward non-security Non-security Cisco security CART Cisco Recall: 57%; fall-out: 48% 
failures as a predictor of failure reports reports software 
security faults and system 
failures 
Predicting vulnerable Component MFSA/CVE/Bugzilla Bayesian Firefox JS Precision: 61-68%, recall: 
software components dependency network, Naive Engine 60-61%, accuracy: 84- 
with dependency graphs graphs bayes, neural 85%, fall-out: 9-10% 
networks, 
random forest, 
SVM 
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Figure 8. Accuracy percentage [48] 
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Figure 9. Scattering of vulnerabilities [49] 
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Figure 11. Results of classification model [50] 


5. CONCLUSION 

The success of Android technology and applications has made them more tempting to 
cybercriminals. The malware detection program could be introduced and delivered in the form of a 
smartphone application that communicates the scanning results to the customer in an easy-to-understand 
manner. Protecting and making users aware of the malicious applications before installing is the first step 
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towards the security of the Android applications. Even though timely delivery can prevent critical 
vulnerabilities, not many applications provide prompt updates to patch the pitfalls. FUM scoring system can 
help overcome the asymmetry between manufacturer and consumer. Often users are duped into downloading 
malicious applications that seem to be legitimate. This arises largely because consumers are more concerned 
with the app's success and user reviews than with the consent invasions. MAETROID framework can tag 
such applications as per the threat score before installing them, so users are aware of the consequences of 
accepting the permissions clause. Assessments done by the RVC method shows the high-risk rating for the 
malicious applications which can be used as a metric when choosing an app. RVC uses a large database to 
use the historic data and compares the high-risk applications against them to analyse the risk rate. To 
properly control third-party mobile app marketplaces, we need a robust vetting process. 
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